Presently, the capabilities for ros `topics` are distinguished as `publish` `subscribe`. I'd suggest we formalise the terminology for the accompanying sub-systems as well for: perimetres, services, actions.
I'd propose the following breakdown of capability primitives:
| Subsystem | Capabilities |
|---|---|
| topics | `publish`, `subscribe` |
| parameters | `read`, `write` |
| actions | `call`, `execute` |
| service | `request`, `reply` |
Perhaps others may have suggestions per the exact choice of vocab (e.g. [reply vs response](
https://www.wikiwand.com/en/Request%E2%80%93response)) to adopt.
These collection of subject permissions above reflects the symmetry of roles for each given subsystem object interface. Should it be necessary, we should anticipate the extending the number of capability types. For example, while the pub/sub server/client roles in topics and services are rather straightforward, what of finer restrictions when provisioning for parameters and actions? Should practices such as [same origin policy](
https://en.wikipedia.org/wiki/Same-origin_policy) be implementable when controlling who can cancel who's particular goal, or who can write to which particular parameter?
---
[Visit Topic](
https://discourse.ros.org/t/ros2-security-working-group-online-meeting/6393/27) or reply to this email to respond.
If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
ros-users@lists.ros.org
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <
http://lists.ros.org/mailman//options/ros-users>
(text/plain)